Please, for this post, consider ‘password’ and ‘passphrase’ to be the same thing… Also, consider that I’ve frunk yoo much alcohol, so there may be mistakes
The password needs to be a strong one. It needs to be far stronger than your typical password for website logins. A well implemented website login protocol will limit the rate at which password guesses can be made by an attacker. It will also not keep users’ passwords in a database, in case of theft (they could store a salted and hashed version of the user’s password).
If someone gained access to your Trezor’s 24 word seed they could guess at your additional password at a rate only limited by their hardware capabilities. This is many, many orders of magnitude faster than the rate at which they can guess for a good website login.
The password you choose for your Trezor (in the situation you describe) needs to be strong enough to withstand an unimpeded brute force attack. I’d suggest that it’s going to be so long that it will be inconvenient for you to enter it. This is unfortunately the price you pay for security (convenience vs security). The level of inconvenience you’ll have to suffer largely depends upon the way Trezor have implemented their password function.
I’m afraid I’m not familiar enough with the Trezor to know how it handles passwords. The Ledger Nano S gives the opportunity to save a password protected wallet, which is further protected by a PIN. Three incorrect PIN guesses resets the whole device. Can you do this with the Trezor? Regardless, this is only a convenience issue…
In order to determine how strong a password is, there are three important factors:
The character set. This is the number of different characters which can be used in the password. Typically, these characters can be letters (upper or lower case), numbers, or special characters.
The length of the password. The longer the better.
The randomness. The more random the better… SERIOUSLY! (Humans don’t do things randomly nearly so well as computers, but they often think that they do.)
To work out the number of ‘bits of entropy’ in a RANDOM password, take the number of characters in the character set and put it to the power of the length of the password. In other words, multiply the length of the character set by itself, as many times as there are characters in the password. Can someone do a formula, because I can’t be bothered?
As a yardstick you could consider that a bitcoin private key usually has 256 bits of entropy (2^256). Do you want your password to be as strong as a bitcoin private key? I don’t know the character set for a Trezor. If, for example, there are 64 available characters, your password (if it’s random) should be about 43 characters long. I was thinking that 64 is 2^6 and 256/6 is 42.666…
(If you tell me how many different characters are allowed in a Trezor password, I can tell you how long to make the RANDOM password, if you want it to be as secure as a ‘normal’ bitcoin private key)
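Here is the formula the post asks for, as an added example that is not part of the original post. For a uniformly random password of `length` symbols drawn from a character set of `charset_size` symbols there are `charset_size ** length` possibilities, and the entropy in bits is `log2` of that, i.e. `length * log2(charset_size)`. The 64-symbol character set and the 256-bit target below are the post's own yardstick numbers; the guess rates in the timing comparison are constructed illustrative values, not measurements of any device, and the code does not know or assume anything about the Trezor's actual character set.

```python
import math
import secrets


def entropy_bits(charset_size: int, length: int) -> float:
    """Bits of entropy of a uniformly RANDOM password.

    Number of possible passwords = charset_size ** length, so
    bits = log2(charset_size ** length) = length * log2(charset_size).
    """
    if charset_size < 2 or length < 1:
        raise ValueError("need at least 2 symbols in the set and length >= 1")
    return length * math.log2(charset_size)


def length_for_bits(charset_size: int, target_bits: float) -> int:
    """Smallest password length whose entropy reaches target_bits.

    With the post's numbers: 256 bits / log2(64) = 256 / 6 = 42.67 -> 43 chars.
    """
    return math.ceil(target_bits / math.log2(charset_size))


def expected_crack_seconds(bits: float, guesses_per_second: float) -> float:
    """Expected time for an unimpeded brute-force search.

    On average the attacker has to try half of the 2**bits candidates.
    """
    return (2.0 ** bits) / 2.0 / guesses_per_second


def random_password(alphabet: str, length: int) -> str:
    """Generate the password with the OS CSPRNG, not by hand.

    secrets.choice draws uniformly, so entropy_bits(len(alphabet), length)
    actually applies to the result (a human-chosen string gets far less).
    """
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    # The post's yardstick: a 64-symbol set, aiming for a 256-bit private key.
    print("bits for 43 random chars from 64 symbols:", entropy_bits(64, 43))
    print("chars needed for 256 bits from 64 symbols:", length_for_bits(64, 256))

    # Constructed illustrative rates: a rate-limited website login versus an
    # offline guess against a known seed, for the same 40-bit password.
    for label, rate in (("rate-limited login (10/s)", 10.0),
                        ("offline, constructed 1e9/s", 1e9)):
        years = expected_crack_seconds(40, rate) / (365.25 * 24 * 3600)
        print(f"40-bit password vs {label}: ~{years:,.1f} years")

    alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/"
    assert len(alphabet) == 64
    print("example 43-char random passphrase:", random_password(alphabet, 43))
```

The same functions answer the post's closing offer in general: plug in whatever character set size the device actually allows and `length_for_bits(size, 256)` gives the length a random password needs to match a 256-bit private key.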